CN1960257A - Digital signature method based on super logarithm difficult problem, and dual coresidual theorem - Google Patents

Digital signature method based on super logarithm difficult problem, and dual coresidual theorem Download PDF

Info

Publication number
CN1960257A
CN1960257A CNA2006101456479A CN200610145647A CN1960257A CN 1960257 A CN1960257 A CN 1960257A CN A2006101456479 A CNA2006101456479 A CN A2006101456479A CN 200610145647 A CN200610145647 A CN 200610145647A CN 1960257 A CN1960257 A CN 1960257A
Authority
CN
China
Prior art keywords
key
delta
mod
digital signature
calculate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006101456479A
Other languages
Chinese (zh)
Inventor
苏盛辉
Original Assignee
苏盛辉
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 苏盛辉 filed Critical 苏盛辉
Priority to CNA2006101456479A priority Critical patent/CN1960257A/en
Publication of CN1960257A publication Critical patent/CN1960257A/en
Pending legal-status Critical Current

Links

Abstract

The method utilizes the level function, super logarithm aporia, twin coresidual theorem to design a public secret key digital signature method. The method consists of key generation, digit signature and ID verification. The user holds two keys, i.e. a private key and a public key. There is no way to derive the private key from the public key. The private key is used to generate the signature code of the document or the message. The public key is used to verify the signature code of the document or the message. This method can prevent attack from existed analysis means effectively. The method can be used for any signature and verification of document and data in computer and comm. network and for ID appraisal or content validation in the electronic government affairs and the electronic business.

Description

A kind of digital signature method based on a super logarithm difficult problem and dual coresidual theorem
(1) technical field
Public-key cryptography digital signature method (being called for short public key digital signature method or endorsement method) belongs to cryptographic technique and field of computer technology, is one of core technology of information security.
(2) background technology
Classic cryptographic technique, symmetric cryptographic technique and public key cryptography technology three phases have been experienced in the development of cryptographic technique.1976, American scholar Diffie and Hellman proposed the thought of public-key cryptosystem, indicate the arriving of public key cryptography technology.At present, generally the digital signature technology of Shi Yonging have RSA scheme, Rabin scheme and ElGamal scheme (referring to " applied cryptography ", U.S. Bruce Schneier work, Wu Shizhong, Zhu Shixiong etc. translate, China Machine Press, in January, 2000,334-342 page or leaf).In order to improve fail safe, the ElGamal scheme is everlasting and is realized that at this moment, it is ECC scheme on the elliptic curve.Also have a DSA signature scheme in addition, it is the improvement of ElGamal signature scheme.
Said method all is that the American invents.Their fail safe is difficult to complexity of calculation based on big number, and promptly in the limited time and resource, it almost is impossible that big number is carried out that factorization or discrete logarithm find the solution.But along with the raising of the operational speed of a computer, their security intensity has weakened possibility.
(3) summary of the invention
The present invention be to " new key element public key cryptosystem " (patent No.: another amplification ZL01110163.6), so both some mathematics prerequisites and the scheme that produces public-key cryptography and private cipher key all are similar.
Digital signature technology is used for the discriminating that the affirmation of computer network and communication network both sides identity, the non repudiation that guarantees the transmission content and ecommerce, financial transaction and file are signed and issued middle identity.
The present invention wishes that our country can have the core technology of oneself in public key encryption and digital signature field, to guarantee information security, economic security and the safety with sovereign right of country, improves the technological means that financial fraud is taken precautions against by China simultaneously.
In this Section has omitted the proof to related properties and conclusion, fills if desired, and we will present immediately.
3.1 two basic conceptions
3.1.1 the definition of coprime sequence and character
Definition: if A 1, A 2..., A nDifferent for n, coprime and greater than 1 positive integer in twos, claim that then such positive integer sequence is coprime sequence, note by abridging and be { A i.
Character: (1≤m≤n) is from coprime sequence { A for positive integer m arbitrarily iIn optional m element composition subclass { Ax 1, Ax 2..., Ax m), the continued product G=(Ax of subclass then 1* Ax 2* ... * Ax m) be well-determined, i.e. G and subclass { Ax 1, Ax 2..., Ax m) corresponding one by one.
Proof slightly.
Attention: in this article, { A iBe sequence { A 1, A 2..., A n) write a Chinese character in simplified form { C iBe sequence { C 1, C 2..., C n) write a Chinese character in simplified form.{ l (i) } be n lever function value l (1), l (2) ..., l (n)) write a Chinese character in simplified form.
Symbol " * " is represented multiplication." A*B " writes a Chinese character in simplified form " A B " sometimes." mod " represents complementation." gcd " represents greatest common divisor. Represent the aliquant Q of S." ← " represents assignment.On behalf of both sides, " ≡ " the M complementation is equated, i.e. mould etc.
Order | x| represents the rank of x mod M, and ' ﹁ ' represents the complementary operation of bit.
3.1.2 lever function
In the present invention, the notion that still needs lever function.If l (.) is by the injective function of integer to integer, its domain of definition be 1,2 ..., n}, codomain be 5,6 ..., n+4).
In the ZL01110163.6 encryption method, when from PKI derivation private key or when decoding ciphertext, need to consider { l (i) } full number of permutations n! , when n was enough big, the full arrangement of exhaustive { l (i) } was infeasible; But when private key and ciphertext are recovered expressly, only need consider { l (i) } add up and, separate in when the multinomial of n, asking.Therefore, as if being fulcrum with the ciphertext, then l (.) is that " disclosing " end amount of calculation is big, and " privately owned " end amount of calculation is little.It is lever function that our weighing-appliance has the l (.) of above-mentioned character.
3.2 the technical scheme of digital signature
The present invention is the public key digital signature method of a niche in lever function and super increasing sequence, is called for short the REESSEl+ digital signature method, according to this method, can make the digital signature chip, or exploitation digital signature software etc.Therefore, the present invention is a kind of production figures signature product mandatory basic principle of institute and technical scheme, rather than physical product itself.
This digital signature scheme is made up of three parts such as key generation, digital signature and authentications.
3.2.1 digital signature and authentication operation
Suppose that user U desire sends a file or the message F with own digital signature by network to user V, its operating process is as follows:
Key generates: at first, user U should go to the 3rd side authoritative institution (ca authentication center or digital certificate center) to get a pair of private key (Private Key) and PKI (Public Key) that is generated parts output by key, private key must must not be leaked by user U oneself keeping; PKI then allows openly to provide to the external world with the form of public key certificate, so that use.
The digital signature operation: user U signs to file or message F with the private key of oneself on the machine of operation digital signature parts, obtains signed codevector, and file F is sent to user V together with signed codevector.
Authentication operation: user V obtains the public key certificate of user U from the CA center, whether on the machine of operation authentication parts file F and its signed codevector of receiving are verified, be that user U does, whether file F is modified in transmission course to identify signed codevector.
3.2.2 key generating portion
The key generating portion is used for the ca authentication center, is used for producing a pair of private key and PKI.
Suppose S, T, Be coprime in twos integer, T 〉=2 wherein n, And Be a non-big number, its implementation is:
(1) produces the super increasing sequence { A that item number is n at random 1, A 2..., A n), calculate G = Π i = 1 n A i
(2) find a positive prime number M make gcd (S, M-1)=1, And q| (M-1)
Here, q≤n+4 is any prime number
(3) select δ make (δ, M-1)=1 and
(4) calculate α ← δ δ n , W ← G -1(α δ -1) 1/S, β ← δ (δ+1) WSWith γ ← δ W n mod M
(5) produce different in twos value l (1), l (2) ..., l (n) ∈ i δ (mod M-1) | i=5,6 ..., n+4}
(6) calculate non-coprime sequence { C 1, C 2..., C n| C i≡ A iW L (i)(mod M) for i=1, and 2 ..., n).At last, with ({ A i, { l (i) }, W, δ, ) as private key, with ({ C i, α, β, γ) as PKI, S, T, M are shared.
3.2.3 digital signature
Transmit leg is the private key ({ A of signer with oneself i, { l (i) }, W, δ, ) as signature key.If F is for waiting to sign file or message, Hash is an one-way hash function.
(1) make eap-message digest H=Hash (F), its binary form is b 1b 2B n
(2) calculate k 1 ← Σ i = 1 n b i l ( i ) , G 0 ← Π i = 1 n A i - b i
(3) select Q<M to make
Calculate R and satisfy Q ≡ (R G 0) SH δ (mod M)
(4) calculate U ← ( R W k 1 - 1 δ δ ( δ + 1 ) ) QT mod M ,
If Then go to (3).Algorithm obtains digital signature sign indicating number (Q, U) after carrying out, and it can send to the verifier with file F.
Notice that Q can not be repeated to generate.
According to dual coresidual theorem, in signature, need not V ≡ (R -1WG 1) QUδ λ(mod M), wherein G 1 = Π i = 1 n A i b i , λ satisfies λS ≡ ( ( δ + 1 ) SU + Σ i = 0 n - 1 ( δQ ) n - 1 - i W i ) ( δQ - W ) ( mod M - 1 ) , This shows
3.2.4 authentication
The recipient is with the public-key cryptography ({ C of transmit leg i, α, β, γ) as authentication secret.If F is for waiting to sign file or message, (Q, U) is its signed codevector.
(1) make eap-message digest H=Hash (F), its binary form is b 1b 2B n
(2) calculate G ^ ← Π i = 1 n C i b i mod M
(3) calculate X ← ( αH Q - 1 ) QUT α Q n T , Y ← ( G ^ QT U - 1 ) US β UT γ T mod M
(4) if X ≡ Y and Q are not repeated, then the signer identity effectively and F be not modified, otherwise the invalid or F of signer identity is modified in transmission.
After algorithm is carried out, can reach and differentiate the signature true and false, the purpose that anti-sender denies and anti-assailant revises.Prove below:, X ≡ Y (mod M) is arranged then if (Q, U) is a real signed codevector.
Know from key schedule: α ≡ δ δ n ≡ δ ( WG 0 G 1 ) S ( mod M ) , β≡δ (δ+1)WS(mod?M)、 γ ≡ δ W n ( mod M ) .
Make V ≡ (R -1WG 1) QUδ λ(mod M).Because λ satisfies λS ≡ ( ( δ + 1 ) SU + Σ i = 0 n - 1 ( δQ ) n - 1 - i W 1 ) ( δQ - W ) ( mod M - 1 ) , Can make Here k is an integer, so
Q QU V S ≡ ( R G 0 ) SQU H QU δ QU ( R - 1 W G 1 ) QUS δ λS
≡ ( W G 0 G 1 ) QUS δ QU H QU δ λS
≡ α QU H QU δ ( ( δ + 1 ) SU + Σ ( δQ ) n - 1 - i W i ) ( δQ - W )
≡ ( αH ) QU δ - ( δ + 1 ) WSU δ δ ( δ + 1 ) QUS δ ( δQ ) n - W n
≡ ( αH ) QU β - U δ δ ( δ + 1 ) QUS α Q n γ - 1 ( mod M ) .
Transplant V S≡ (α HQ -1) QUα Qnβ -Uγ -1δ δ (δ+1)QUS (mod M).Therefore, have
V ST ≡ ( α HQ - 1 ) QUT α Q n T β - UT γ - T δ δ ( δ + 1 ) QUST
≡ Xβ - UT γ - T δ δ ( δ + 1 ) QUST ( mod M ) .
Again
U U V T ≡ ( R W k 1 - 1 δ δ ( δ + 1 ) ) QUT ( R - 1 W G 1 ) QUT δ λT
≡ ( W k 1 G 1 ) QUT δ δ ( δ + 1 ) QUT δ λT
≡ G ^ QUT δ δ ( δ + 1 ) QUT ( mod M ) .
Transplant V T ≡ ( G ^ QT U - 1 ) U δ δ ( δ + 1 ) QUT ( mod M ) . Therefore
V ST ≡ ( G ^ QT U - 1 ) US δ δ ( δ + 1 ) QUST ( mod M ) .
According to dual coresidual theorem, have
V ST ≡ X β - UT γ - T δ δ ( δ + 1 ) QUST ≡ ( G ^ QT U - 1 ) US δ δ ( δ + 1 ) QUST .
Promptly X ≡ ( G ^ QT U - 1 ) US β UT γ T ≡ Y ( mod M ) .
3.3 the fail safe of this digital signature method
By analyzing, have quite high fail safe based on the public key digital signature method of a super logarithm difficult problem and dual coresidual theorem, when being used, it and encryption method can satisfy the needs of practical application.
A super logarithm difficult problem: make that p is that prime number, c are constant, x the unknown, x then solves an equation x≡ c (mod p) is than separating g x≡ c (mod p) is more difficult.Therefore, x x≡ c (mod p) problem is referred to as a super logarithm difficult problem.
3.4 advantage and good effect
3.4.1 fail safe is higher
In at present used digital signature schemes such as RSA, ElGamal, the problem of having utilized big number to be difficult to calculate, along with the raising of computer speed, their fail safe will be affected.And this digital signature method is to have utilized super logarithm difficult problem x xThe uncertainty of ≡ c (modp) and l (.) function, just in the arithmetic speed of just considering computer when exhaustive, so, possess higher fail safe.
3.4.2 arithmetic speed is very fast
In this digital signature method, no matter be signature or checking, relate generally to modular multiplication and Montgomery Algorithm on the prime field.Because modulus M is less and number Montgomery Algorithm is very limited, therefore, arithmetic speed will be very fast.
3.4.3 it is favourable to national security
The Internet is a kind of open net, and information transmitted must be encrypted and sign in the above.Since important departments such as the Chinese government, national defence, finance, the tax already internet usage as means of communication, so information security is related to national security and economic security.But the information security of a vast big country can not be based upon on the external cryptographic algorithm basis, and therefore, public key encryption and the signature algorithm of studying us seem imperative and be significant.
(4) embodiment
Characteristics based on the public key digital signature method of a super logarithm difficult problem and dual coresidual theorem are that it can allow each user obtain two keys, and a key can disclose, and a key can only the individual have.Like this, can not worry that key divulged a secret in transmittance process.When the agreement correspondent was transmitted information on the net, the sender used the private cipher key of oneself that file or message are carried out digital signature, and the recipient uses sender's public-key cryptography that it is verified after receiving file and signed codevector.
CA (Certificate Authentication) authentication center that each user can arrive appointment obtains two keys.The ca authentication center is the mechanism that the user is registered and key is produced, distributes and manages.It utilizes the key generation method generation user's of 3.2.2 joint public-key cryptography and private cipher key.
This digital signature method can realize that it comprises two parts with logic circuit chip or program language: (1) develops chip or program according to key generation method, is used by the ca authentication center; (2) develop chip or program according to the digital signature and the auth method of 3.2.3,3.2.4 joint, use by the general user.

Claims (1)

1, a kind of digital signature method based on a super logarithm difficult problem and dual coresidual theorem, form by key generation, digital signature and three parts of authentication, the key generating portion is used for producing user's a private cipher key and a public-key cryptography (being private key and PKI), digital signature partly uses the private key of oneself that file or message are produced signed codevector for transmit leg, authentication partly uses the PKI of transmit leg to come the certifying signature sign indicating number for the recipient, suppose S, T, Be coprime in twos integer, T 〉=2 wherein n, And Be a non-big number, it is characterized in that
● the key generating portion has adopted the following step:
(1) produces the super increasing sequence { A that item number is n at random 1, A 2..., A n, calculate G = Π i - 1 n A i
(2) find a positive prime number M make gcd (S, M-1)=1, And q| (M-1)
Here, q≤n+4 is any prime number
(3) select δ make (δ, M-1)=1 and
(4) calculate α=← δ δ n, W ← G -1(α δ -1) 1/S, β ← δ (δ+1) WSAnd γ ← δ WnMod M
(5) produce different in twos value l (1), l (2) ..., l (n) ∈ i δ (mod M-1) | i=5,6 ...,, 2+4}
(6) juice is calculated non-coprime sequence { C 1, C 2..., C n| C i≡ A iW L (i)(mod M) for i=1, and 2 ..., n}
After the end, with ({ A i, { l (i) }, W, δ, ) as private key, with ({ C i, α, β, γ) as PKI, S, T, M are shared;
● digital signature has partly adopted following step mule:
Transmit leg is with the private key ({ A of oneself i, { l (i) }, W, δ, As signature key, establishing Hash is one-way hash function, at file F
(1) make eap-message digest H=Hash (F), its binary form is b 1b 2B n
(2) calculate k 1 ← Σ i = 1 n b i l ( i ) , G 0 ← Π i = 1 n A i - b i
(3) select unduplicated Q<M to make Calculate R and satisfy Q ≡ (R G 0) SH δ (mod M)
(4) calculate U ← ( R W k 1 - 1 δ δ ( δ + 1 ) ) QT mod M ,
If Then go to (3) at last, obtain signed codevector (Q, U), it can be attached to file F back and send to the recipient;
● the following step has partly been adopted in authentication:
The recipient is with the PKI ({ C of transmit leg i, α, β, γ) as authentication secret, at file F and signed codevector (Q, U)
(1) make eap-message digest H=Hash (F), its binary form is b 1b 2B n
(2) calculate G ^ ← Π i = 1 n C i b i mod M
(3) calculate X ← ( α HQ - 1 ) QUT α Q n T , Y ← ( G ^ QT U - 1 ) US β UT γ T mod M
(4) if X ≡ Y and Q are not repeated, then the signer identity effectively and F be not modified,
Otherwise the invalid or F of signer identity is modified in transmission.
CNA2006101456479A 2006-11-23 2006-11-23 Digital signature method based on super logarithm difficult problem, and dual coresidual theorem Pending CN1960257A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2006101456479A CN1960257A (en) 2006-11-23 2006-11-23 Digital signature method based on super logarithm difficult problem, and dual coresidual theorem

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2006101456479A CN1960257A (en) 2006-11-23 2006-11-23 Digital signature method based on super logarithm difficult problem, and dual coresidual theorem

Publications (1)

Publication Number Publication Date
CN1960257A true CN1960257A (en) 2007-05-09

Family

ID=38071761

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006101456479A Pending CN1960257A (en) 2006-11-23 2006-11-23 Digital signature method based on super logarithm difficult problem, and dual coresidual theorem

Country Status (1)

Country Link
CN (1) CN1960257A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072099B (en) * 2007-06-22 2010-06-16 苏盛辉 Public key encryption method based on nonuniform super-increasing sequence
CN101753310A (en) * 2009-12-28 2010-06-23 苏盛辉 Digital signature method based on multivariable array problem and super logarithm problem
WO2011063744A1 (en) * 2009-11-30 2011-06-03 中国移动通信集团公司 Method, system and device for identity authentication in extensible authentication protocol (eap) authentication
CN101369888B (en) * 2008-10-07 2013-07-24 苏盛辉 Digital signature method based on non-homogeneous ultra-increasing sequence
CN104601600B (en) * 2015-02-17 2019-04-23 苏盛辉 Rogue program preventing control method based on asymmetric identity

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101072099B (en) * 2007-06-22 2010-06-16 苏盛辉 Public key encryption method based on nonuniform super-increasing sequence
CN101369888B (en) * 2008-10-07 2013-07-24 苏盛辉 Digital signature method based on non-homogeneous ultra-increasing sequence
WO2011063744A1 (en) * 2009-11-30 2011-06-03 中国移动通信集团公司 Method, system and device for identity authentication in extensible authentication protocol (eap) authentication
CN101753310A (en) * 2009-12-28 2010-06-23 苏盛辉 Digital signature method based on multivariable array problem and super logarithm problem
CN101753310B (en) * 2009-12-28 2015-07-29 苏盛辉 Based on the digital signature method of multivariable array problem and a super logarithm difficult problem
CN104601600B (en) * 2015-02-17 2019-04-23 苏盛辉 Rogue program preventing control method based on asymmetric identity

Similar Documents

Publication Publication Date Title
Joye et al. Efficient generation of prime numbers
CN1144418C (en) Method and device for authenticating first instance and second instance
CN1960257A (en) Digital signature method based on super logarithm difficult problem, and dual coresidual theorem
WO2005099150A2 (en) Public key cryptographic methods and systems
RU2533693C2 (en) Encoding points on elliptic curve
Jirwan et al. Review and analysis of cryptography techniques
Lin et al. Effective generalized equations of secure hyperelliptic curve digital signature algorithms
CN101267300A (en) Multi-variant public key encryption method based on mutual prime number sequent and lever function
CN101753310B (en) Based on the digital signature method of multivariable array problem and a super logarithm difficult problem
Yang et al. A provably secure and efficient strong designated verifier signature scheme
CN101072099B (en) Public key encryption method based on nonuniform super-increasing sequence
CN102064938B (en) One is based on multivariate and probabilistic public key encryption method
JP2007041461A (en) Scalar multiplication computing method and device in elliptic curve cryptography
CN101369888B (en) Digital signature method based on non-homogeneous ultra-increasing sequence
CN101296076A (en) Digital signature scheme based on ECC
Augot et al. A Fast Provably Secure Cryptographic Hash Function.
Zhao et al. Certificateless undeniable signatures from bilinear maps
CN1832402A (en) Numberical signature method based on lever function and super-increment sequence
CN1885769B (en) Digital abstract forming device and method, and CA signing system and method
CN102347840B (en) A kind of public key encryption method based on mutual prime sequences and lever function
CN1419357A (en) Matrix classical resolution problem based public key code system
CN102307102B (en) A kind of light weight digital signature method based on a super logarithm difficult problem
CN1464678A (en) Method for digital signature and authentication based on semi-group discrete logarithm problem
Rahouma Reviewing and applying security services with non-english letter coding to secure software applications in light of software trade-offs
Xiao et al. Improved RSA Algorithm and Application in Digital Signature

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20070509